How does users' software of choice serve their company's IT infrastructure monitoring needs? Which of their pain points are addressed? Which monitoring features could be improved, and how?

As the cloud security landscape evolves and introduces new challenges to IT professionals, software reviews written by real users provide first-hand experience of how these cloud solutions impact the security needs of businesses.

Evident.io

Monitoring AWS Accounts

“The ability to audit each AWS account at a high level so we can see critical vulnerabilities that might otherwise be overlooked. The granular approach helps me to drill down and deal with each alert properly and individually.”

Securing AWS Accounts

“The ability to scan our AWS accounts to understand what is not in alignment with best practices is huge for us... This improves our overall security process to an acceptable level.

We are building out new AWS accounts that are secured from the beginning instead of fixing problems as they are detected. This ensures that everything is consistent and secure from the beginning. Previously, we had to wait until our security team identified a problem.”

PCI Audits

“I would like to see integration of PCI audits into the dashboard. That would help greatly in passing our PCI audits for AWS in an easy-to-view method.

I would also like the ability to integrate Evident with AWS in such a way that we could make basic changes to the AWS environments based on security alerts. For example, the ability to lock down unsecured security groups, apply PW policies, and rotate IAM keys.”

Real-Time Analysis

A Supervisor of Architecture and Infrastructure Platform Delivery at a recruiting/HR firm with 10,001+ employees adds that “This product needs to focus on real-time analysis. Currently, it only focuses on configuration settings. Giving us the ability to analyze CloudTrail results would enable us to take security to the next level.”

OpenDNS

Powerful Query Options

“The various powerful query options are the most valuable features of this product to me. Using the Investigate API, we can gather the detailed history of a domain, whois information, DNS records, etc. All of this information helps us determine whether a domain is malicious or not.”

Transparent Protection

Oleg Simonov, Cloud Solutions Architect at a hospitality company with 1,001-5,000 employees, praises OpenDNS for how it “transparently protects users from rogue websites”:

“OpenDNS filters DNS query/reply without any software to be installed on the client side, so in my mind, the transparency I was talking about relates to:

No changes on the client side required, i.e. software or configuration changes; The complete communication is not proxied as such, only DNS query/response filtered.”

Network Security

“One thing I can mention is network security. There's no real mention about the potential of malware & virus protection for locations that we are using OpenDNS on. In certain areas, we only have a few people on-site and there’s no real need for a firewall at that point.”

Shadow IT Capabilities

Jackson elaborates that “We are able to see what cloud services are being used with much more clarity than with our proxies and more importantly identify that we are using many cloud services we were not aware were even cloud services. Especially collaboration services.

The cloud risk registry has been great for getting a quick and clearer understanding of the risk of proposed services that we are looking at allowing. Previously, we were paying for expensive industry reports.”

Console Performance

“The console performance is sometimes slow, meaning that switch screens or generating reports can sometimes feel sluggish. Data and graphics take time to load in the browser, and also performance can depend on which browser you are using.”

Custom Attributes

He explains that his company uses these attributes “to identify and record details of our own interactions with the cloud service to show which are reviewed, which services are approved, blocked, sanctioned, etc…

Entering information into these custom fields requires you to confirm changes for each field individually. A UI improvement could be to add a save or update button to the site instead of doing each field individually.”

Application Discovery & Control Feature

“We use the Application Discovery & Control feature. With Google’s G Suite, it is very easy for a user to give full control of their Google data to a third party.

For example, when Pokémon Go was first released, it gave the vendor full access to do anything with a user’s Google account and to act as the user. In the wrong hands, this access is far worse than compromised passwords or any standard breach.

With RegEx-based reporting on Google Drive data, we can report any inappropriate or privileged data that should not be stored in Google.”

“The API availability from CSP limits their option to integrate and scope for expansion, especially since the cloud service provider’s ecosystem has been growing very fast. I would recommend taking a different approach to integration which is similar to the SkyHigh or Splunk software.”

What else do users share about their experiences with monitoring their IT infrastructure and controls?